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II. REAL PARTY IN INTEREST 

The real party in interest is Northrop Grumman Corporation, as indicated 
by the Assignment recorded July 15, 2004. 

III. RELATED APPEAL AND INTERFERENCES 

There are no related appeals or interferences. 

IV. STATUS OF CLAIMS 

Claims 1 and 3-20, which are attached in the first Appendix, are currently 
pending in this application. Claims 1 and 3-20 stand rejected under 35 U.S.C. 
§1 03(a) as being unpatentable over U.S. Pub. No. 2003/0005291 to Burn 
("Burn") in view of U.S. Patent No. 6,490,367 to Carlsson et al. ("Carlsson"). 

The rejection of claims 1 and 3-20 is appealed. 

V. STATUS OF AMENDMENTS 

A response to a Final Office Action ("Final Rejection") issued on October 
6, 2006 was filed on December 6, 2006. No amendments of the claims were 
filed after the Final Rejection. An Advisory Action Before Filing an Appeal Brief 
("Advisory Action") dated December 28, 2006 was issued. The Advisory Action 
indicated that the request for reconsideration set forth in the Response to the 
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Final Rejection was considered, but did not place the application in condition for 
allowance. 

VI. SUMMARY OF THE CLAIMED SUBJECT MATTER 
A. Claim 1 

One aspect of the invention, as recited in claim 1 is directed to a token 
(130 of FIG. 1) issuance and binding process (Par. [0023]). The process 
comprises providing a plurality of tokens (130 of FIG. 1) each token (130 of 
FIG. 1) having a unique ID number stored therein (Par. [0023]) and generating a 
unique public/private key pair for each token (Par. [0025]). The process also 
comprises storing (220 of FIG.2) each token ID number and corresponding public 
key in a directory/database (Par. [0025]). The process further comprises storing 
(210 of FIG. 2) each private key in its respective token (Par. [0025]) and binding 
(290 of FIG. 2) a unique ID number of a user (132 of FIG. 1) to a corresponding 
one of the plurality of tokens (130 of FIG. 1) by storing the correspondence there 
between in the directory/database (108 of FIG.1) (Par. [0031]). The process still 
further comprises reviewing, by a Tokenizing Officer (146 of FIG. 1), (230 of 
FIG. 2) credentials of the user (132 of FIG. 1) and forwarding the user ID number 
and the token ID number to a CMS (Certificate Management System) (1 10 of 
FIG. 1) along with an E-form (electronic form) request and signature of the 
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Tokenizing Officer (146 of FIG. 1) (Par. [0028]), wherein the Tokenizing Officer 
(146 of FIG. 1) comprises a person (Par. [0026]). 

B. Claim 3 

Claim 3 is directed to the process of claim 1 , the binding (290 of FIG. 2) 
further comprising the CMS (1 10 of FIG. 1) checking (250 of FIG. 2) for 
redundant user tokens (130 of FIG. 1) and revoking any such user tokens (130 of 
FIG. 1)(Par. [0028]). 

C. Claim 11 

Another aspect of the present invention, as recited in claim 1 1 is directed 
A PKI (Public Key Infrastructure) system (Par. [0001]). The system comprises a 
plurality of tokens (130 of FIG. 1), each token (130 of FIG. 1) having a unique ID 
number stored therein (Par. [0023]) and a CMS facility (1 10 of FIG. 1) including a 
first interface to read data from the plurality of tokens (130 of FIG. 1) and to write 
data to the plurality of tokens (130 of FIG. 1) and including a directory/database 
(108 of FIG. 1) (Par. [0023]). The system also comprises a badging facility 
including a terminal (128 of FIG. 1) operatively connected to communicate with 
the CMS (1 10 of FIG. 1) and including a second interface to read data from the 
plurality of tokens (1 30 of FIG. 1 ) and to write data to the plurality of tokens (1 30 
of FIG. 1) (Par. [0023]). The CMS (1 10 of FIG. 1) generates a unique 
public/private key pair for each token (Par. [0025]) and stores each token ID 
number and corresponding token public key in the directory/database (108 of 
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FIG. 1) (220 of FIG. 2) and stores each token private key (210 of FIG. 1) in its 
respective token (130 of FIG. 1) (Par. [0025]). A Tokenizing Officer (146 of 
FIG. 1) utilizes the terminal (126 of FIG. 1) in the badging facility to forward a 
unique ID number of a user (1 32 of FIG. 1 ) to which a particular token (1 30 of 
FIG. 1) is to be issued along with the unique ID number of the particular token 
(130 of FIG. 1) to the CMS (110 of FIG. 1). The CMS (1 10 of FIG. 1) binds the 
unique ID number of the user (132 of FIG. 1) to the particular token ID number by 
storing the correspondence there between in the directory/database (108 of 
FIG. 1) (Par. [0031]), wherein the Tokenizing Officer (146 of FIG. 1) comprises a 
person (Par. [0026]). 
Claim 13 

Claim 13 is directed to the system of claim 12, wherein the CMS (110 of 
FIG. 1) checks (250 of FIG. 2) for redundant user tokens (130 of FIG. 1) and 
revokes any such user tokens (130 of FIG. 1) (Par. [0028]). 

VII. GROUNDS OF REJECTION TO BE REVIEW ON APPEAL 

A. Whether claims 1 and 3-20 are made obvious under 35 U.S.C. 
§1 03(a) by Burn in view of Carlsson? 
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VIII. ARGUMENTS FOR CLAIMS 

A. 35 U.S.C. 5103(a) rejection of claims 1-2 and 9-10 as being 
made obvious by Burn in view of Carlsson 

The Court of Customs and Patent Appeals has held that to establish prima 

facie obviousness of a claimed invention, all the claimed limitations must be 

taught or suggested by the prior art. In re Royka, 490 F.2d 981, 180 U.S.P.Q. 

580 (C.C.P.A. 1974). 

1. The Obviousness Rejection of claim 1 

Claim 1 is patentable over Burn in view of Carlsson for at least the 
following reasons. Burn taken in view of Carlsson does not teach or suggest 
reviewing, by a Tokenizing Officer, credentials of a user and forwarding a user ID 
number and a token ID number to a CMS along with an electronic form request 
and a signature of the Tokenizing Officer, as recited in claim 1 . In the Final 
Rejection, the Examiner contended that Column 8, Lines 12-51 of Carlsson 
discloses this element of claim 1 . Applicant's representative respectfully 
disagrees. Carlsson discloses that an administrator uses a certificate authority 
(CA) terminal to complete a form with user information and validity periods which 
are required in order to create a certificate (See Carlsson, Col. 8, Lines 27-30). 
Carlsson also discloses that a card can be personalized, and that card 
personalization involves adding a certificate and a user's private key to the card. 
However, Carlsson does not teach or suggest a Tokenizing Officer forwarding a 



-7- 



Serial No. 10/027,604 

user ID number and a token ID number to a CMS, as recited in claim 1. In fact, 
nothing in Carlsson discloses that the cards even contain a token ID number, or 
some other kind of unique identifier. 

In the Final Rejection, the Examiner contended that Carlsson's disclosure 
of a sequence number reads on the token ID number recited in claim 1 (See 
Final Rejection, Page 2, citing Col. 8, Lines 34-37 of Carlsson). Applicant's 
representative respectfully disagrees. The cited section of Carlsson discloses 
that before certificate data is sent to a CA centre, the certificate data is signed, 
together with the service life and sequence number of the certificate request, by 
the administrator (See Carlsson, Col. 8, Lines 34-37). The "sequence number" 
disclosed in Carlsson is clearly referencing an administration number. Nothing in 
Carlsson teaches or suggests that the sequence number is unique to a card 
(e.g., token), in contrast to the token ID number recited in claim 1. Instead, it 
appears that the sequence number is unique to the particular certificate request. 

A certificate does not correspond to a token, and thus, a sequence 
number of a certificate request, as disclosed in Carlsson, does not correspond to 
a token ID, as recited in claim 1 . The term token is clearly defined in the 
Specification of the present Application. The Specification states that a token is 
a smart card, a universal serial bus (USB) token, or other hardware token 
capable of generating, storing, and using public key infrastructure (PKI) 
certificates/public keys (See Spec, Par. [0018]). Clearly, from the definition of a 

-8- 



Serial No. 10/027,604 



token as disclosed in the Specification, as well as the normal meaning of a token 
by a person of ordinary skill in the art, a certificate does not correspond to a 
token, as recited in the claims. 

Furthermore, the Federal Circuit has held that the doctrine of claim 
differentiation dictates that where claims use different terms, those differences 
are presumed to reflect a difference in the scope of the claims. Forest 
Laboratories, Inc. v. Abbott Laboratories, 239 F.3d 1305, 1310, 57 U.S.P.Q.2D 
1794 (Fed. Cir. 2001). As an example, claims 7 and 17 both recite storing a 
signature certificate/private key for the user in a token. Thus, the claims, by 
virtue of the doctrine of claim differentiation, distinguish between a token and a 
certificate. Therefore, both the doctrine of claim differentiation and the 
Specification of the present Application support a conclusion that a certificate 
does not correspond to a token, as recited in the claims. Accordingly, the 
sequence number of a certificate request disclosed in Carlsson does not 
correspond to the token ID number recited in claim 1 . 

In the Advisory Action, the Examiner states that in claim 1, the recited 
token ID number is not necessarily stored in a token. Applicants representative 
respectfully disagrees. Claim 1 recites providing a plurality of tokens, each token 
having a unique ID number stored therein and storing each token ID number in a 
directory/database. It is clear to one skilled in the art that a unique ID for a 
particular token is the token ID number. Accordingly, Burn taken in view of 
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Carlsson fails to teach or suggest reviewing, by a Tokenizing Officer, credentials 
of the user and forwarding a user ID number and a token ID number to a CMS 
system along with an electronic form request and a signature of the Tokenizing 
Officer, wherein the Tokenizing Officer comprises a person, as recited in claim 1 . 
Thus, Burn taken in view of Carlsson does not teach or suggest each and every 
element of claim 1 . 

For the reasons stated above, Burn taken in view of Carlsson does not 
make claim 1 obvious. Thus, Applicant's representative respectfully requests 
that the rejection of claim 1 be withdrawn. 

2. The Obviousness Rejection of Claim 3 

Claim 3 depends from claim 1 and is patentable over Burn in view of 
Carlsson for at least the same reasons as claim 1, and for the following reasons. 
Burn taken in view of Carlsson does not teach or suggest a CMS checking for 
redundant user tokens and revoking any such user tokens. In the Final Rejection 
the Examiner contended Carlsson's disclosure of its certificate revocation 
procedure disclosed this element of claim 3 (See Final Rejection, Pages 5-6, 
Citing Carlsson, Col. 9, lines 14-20). Applicant's representative respectfully 
disagrees. 

The cited section of Carlsson discloses that a certificate can be revoked 
when a user has died, has been found to be unreliable or his/her role has 
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changed (See Carlsson, Col. 9, Lines 14-17). However, in claim 3, the process 
recited ensures that a user possesses, at most, one token. Nothing in Carlsson 
teaches or suggests limiting the number of personalized cards (e.g., tokens) that 
any one user can possess, in contrast to the process recited in claim 3. 
Therefore, Burn taken in view of Carlsson fails to make claim 3 obvious and the 
rejection of claim 3 should be withdrawn. 

3. The Obviousness Rejection of Claims 4-10 

Claims 4-10 depend either directly or indirectly from claim 1 and are not 
made obvious for at least the same reasons as claim 1 and for the specific 
elements recited therein. Accordingly, the rejection of claims 4-10 should be 
withdrawn. 

4. The Obviousness Rejection of Claim 11 

Claim 1 1 is patentable over Burn in view of Carlsson for at least the 
following reasons. Burn taken in view of Carlsson fails to teach or suggest that a 
Tokenizing Officer utilizes a terminal in a badging facility to forward a unique ID 
number of the user to which a particular token is to be issued along with a unique 
ID number of the particular token to a CMS, wherein the Tokenizing Officer 
comprises a person, as recited in claim 11. In the Final Rejection, the Examiner 
contended that Column 8, Lines 12-51 of Carlsson discloses this element of 
claim 11 (See Final Rejection, Page 7, citing the rejection of claim 1). Carlsson 
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discloses that a card can be personalized, and that card personalization involves 
adding a certificate and a user's private key to the card (See Carlsson, Col. 7, 
Lines 27-30). However, Carlsson does not teach or suggest a Tokenizing Officer 
forwarding a user ID number and a token ID number to a CMS, as recited in 
claim 1 1 . In fact, nothing in Carlsson discloses that the cards even contain a 
token ID number, or some other kind of unique identifier. 

In the Final Rejection, the Examiner contended that Carlsson's disclosure 
of a sequence number reads on the token ID number recited in claim 1 1 (See 
Final Rejection, Page 2, citing Col. 8, Lines 34-37 of Carlsson). Applicant's 
representative respectfully disagrees. The "sequence number" disclosed in 
Carlsson is clearly referencing an administration number. Nothing in Carlsson 
teaches or suggests that the sequence number is unique to a card (e.g., token), 
in contrast to the token ID number recited in claim 1 1 . Instead, in Carlsson, it 
appears that the sequence number is unique to the particular certificate request. 

A certificate does not correspond to a token, and thus, a sequence 
number of a certificate request, as disclosed in Carlsson does not correspond to 
a token ID, as recited in claim 11. The Specification states that a token is a 
smart card, a universal serial bus (USB) token, or other hardware token capable 
of generating, storing, and using public key infrastructure (PKI) certificates/public 
keys (See Spec, Par. [0018]). Additionally, claims 7 and 17 both recite storing a 
signature certificate/private key for the user in a token. Thus, the claims, by 
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virtue of the doctrine of claim differentiation, distinguish between a token and a 
certificate. Clearly, from the definition of a token as disclosed in the 
Specification, the doctrine of claim differentiation, as well as the normal meaning 
of a token by a person of ordinary skill in the art, a certificate does not 
correspond to a token, as recited in the claims. Accordingly, the sequence 
number of a certificate request disclosed in Carlsson does not correspond to the 
token ID number recited in claim 1 1 . 

In the Advisory Action, the Examiner states that in claim 1 1 , the recited 
token ID number is not necessarily stored in a token. Applicant's representative 
respectfully disagrees. Claim 1 1 recites a plurality of tokens, each token having 
a unique ID number stored therein and a CMS that stores each token ID number 
in a directory/database. It is clear to one skilled in the art that a unique ID for a 
particular token is the token ID number. Accordingly, Burn taken in view of 
Carlsson fails to teach or suggest a Tokenizing Officer that utilizes a terminal in a 
badging facility to forward a unique ID number of a user to which a particular 
token is to be issued along with the unique ID of the particular token to the CMS, 
wherein the CMS binds the unique ID number of the user to the particular token 
ID number by storing the correspondence there between in the 
directory/database, wherein the Tokenizing Officer comprises a person, as 
recited in claim 1 1 . Thus, Burn taken in view of Carlsson does not teach or 
suggest each and every element of claim 1 1 . 
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Therefore, Burn taken in view of Carlsson does not make claim 1 1 
obvious. Accordingly, Applicant's representative respectfully requests that the 
rejection of claim 1 1 be withdrawn. 

5. The Obviousness Rejection of Claim 13 

Claim 13 depends from claim 12 and is not made obvious by Burn taken in 
view of Carlsson for at least the same reasons as claim 12, and for the following 
reasons. Claim 13 recites that a CMS checks for redundant tokens and revokes 
any such user tokens. In the system recited in claim 13, each user can possess, 
at most, one token. Burn taken in view of Carlsson does not teach or suggest 
that a user cannot possess more than one personalized card (e.g., token), in 
contrast to the system recited in claim 11. Therefore, Burn taken in view of 
Carlsson does not teach or suggest each and every element of claim 13, and the 
rejection of claim 13 should be withdrawn. 

6. The Obviousness Rejection of Claims 14-20 

Claims 14-20 depend either directly or indirectly from claim 1 1 and are not 
obvious for at least the same reasons as claim 1 1 and for the specific elements 
recited therein. Accordingly, the rejection of claims 14-20 should be withdrawn. 
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IX. APPENDICES 

The first attached Appendix contains a copy of the claims on appeal. 

The second and third Appendices have been included to comply with 
statutory requirements. 

Please charge any deficiency or credit any overpayment in the fees for 
this Appeal Brief to Deposit Account No. 20-0090. 



TAROLLI, SUNDHEIM, COVELL 
& TUMMINO, LLP. 
1300 East Ninth Street, Suite 1700 
Cleveland, Ohio 44114 
(216) 621-2234 
(216) 621-4072 (Facsimile) 
Customer No.: 26294 



Respectfully submitted, 




Christopher P. Harris 
Reg. No. 43,660 
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Claims Appendix 

Claim 1 A token issuance and binding process comprising: 
providing a plurality of tokens, each token having a unique ID number 
stored therein; 

generating a unique public/private key pair for each token; 

storing each token ID number and corresponding public key in a 
directory/database; 

storing each private key in its respective token; 

binding a unique ID number of a user to a corresponding one of the 
plurality of tokens by storing said correspondence there between in the 
directory/database; and 

reviewing, by a Tokenizing Officer, credentials of the user and forwarding 
the user ID number and the token ID number to a CMS (Certificate Management 
System) along with an E-form (electronic form) request and signature of the 
Tokenizing Officer, wherein the Tokenizing Officer comprises a person. 

Claim 3 The process of claim 1 , the binding further comprising the 
CMS checking for redundant user tokens and revoking any such user tokens. 
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Claim 4 The process of claim 3, the binding further comprising the 
CMS filling in the E-form from its directory/database and forwarding the filled in 
E-form to the Tokenizing Officer. 

Claim 5 The process of claim 4, the binding further comprising the 
Tokenizing Officer reviewing data in the filled in E-form and comparing against 
the user credentials and returning same to the CMS after signing. 

Claim 6 The process of claim 5, the binding further comprising the 
CMS validating the Tokenizing Officer's signature and generating and wrapping 
at least a signature certificate/private and associated private key for the user in 
the unique public key of the token and returning same to the Tokenizing Officer. 

Claim 7 The process of claim 6, the binding further comprising the 
Tokenizing Officer storing the signature certificate/private key for the user in the 
token. 

Claim 8 The process of claim 7, the binding further comprising the 
user unwrapping the signature certificate/private key using the token private key 
stored in the token. 

Claim 9 The process of claim 1 , wherein providing a plurality of 
tokens comprises providing a plurality of USB (Universal Serial Bus) tokens. 
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Claim 10 The process of claim 1, wherein providing a plurality of 
tokens comprises providing a plurality of smart cards. 

Claim 11 A PKI (Public Key Infrastructure) system comprising: 
a plurality of tokens, each token having a unique ID number stored 
therein; 

a CMS (Certificate Management System) facility including a first interface 
to read data from said plurality of tokens and to write data to said plurality of 
tokens and including a directory/database; and 

a badging facility including a terminal operatively connected to 
communicate with said CMS and including a second interface to read data from 
said plurality of tokens and to write data to said plurality of tokens; 

wherein said CMS generates a unique public/private key pair for each 
token and stores each token ID number and corresponding token public key in 
said directory/database and stores each token private key in its respective token; 
and 

wherein a Tokenizing Officer utilizes said terminal in said badging facility 
to forward a unique ID number of a user to which a particular token is to be 
issued along with the unique ID number of said particular token to said CMS and 
wherein said CMS binds the unique ID number of said user to said particular 
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token ID number by storing the correspondence there between in said 
directory/database, wherein the Tokenizing Officer comprises a person. 

Claim 12 The system of claim 1 1 , wherein said Tokenizing Officer 
reviews credentials of said user and forwards the user ID number and token ID 
number to said CMS along with an E-form (electronic form) request and 
signature of said Tokenizing Officer. 

Claim 13 The system of claim 12, wherein said CMS checks for 
redundant user tokens and revokes any such user tokens. 

Claim 14 The system of claim 13, wherein said CMS fills in the E-form 
from said directory/database and forwards the filled in E-form to said Tokenizing 
Officer. 

Claim 15 The system of claim 14, wherein said Tokenizing Officer 
reviews data in filled in the E-form and compares against the user credentials 
and returns same to said CMS after signing. 

Claim 16 The system of claim 15, wherein said CMS validates said 
Tokenizing Officer's signature and generates and wraps at least a signature 
certificate and associated private key for said user in said unique token public 
key of said particular token and returns same to said Tokenizing Officer. 
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Claim 17 The system of claim 16, wherein said Tokenizing Officer 
stores the signature certificate/private key for said user in said particular token. 

Claim 18 The system of claim 17, wherein said user unwraps said 
signature certificate/private key using said token private key stored in said 
particular token. 

Claim 1 9 The system of claim 1 1 , wherein said plurality of tokens 
comprises a plurality of USB (Universal Serial Bus) tokens. 

Claim 20 The system of claim 1 1 , wherein said plurality of tokens 
comprises a plurality of smart cards. 
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Evidence Appendix 

None 
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None 
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